/// <summary>
/// Gets a protected string to use as the value of the <see cref="ArmoredCookiesQueryParam"/>
/// when making the requests in a multi-request upload.
/// </summary>
/// <returns>the protected string representing the cookies.</returns>
/// <remarks>If the installed module does not explicitly support armored
/// cookies, NeatUpoad will create a <see cref="Hashtable"/>
/// containing the cookie names/values that ASP.NET uses for session ID and forms
/// auth, and will pass it to <see cref="ObjectProtector.Protect"/>.
/// </remarks>
public static string GetArmoredCookies()
{
string armoredCookies = InstalledModule.GetArmoredCookies();
if (armoredCookies == null)
{
HttpCookieCollection cookies = HttpContext.Current.Request.Cookies;
Hashtable authCookies = new Hashtable();
string[] cookieNames
= new string[] { "ASP.NET_SESSIONID", "ASPSESSION", System.Web.Security.FormsAuthentication.FormsCookieName };
foreach (string cookieName in cookieNames)
{
HttpCookie cookie = cookies[cookieName];
if (cookie != null)
{
authCookies.Add(cookieName, cookie.Value);
}
}
armoredCookies = ObjectProtector.Protect(authCookies);
}
return(armoredCookies);
}
internal static HttpCookieCollection GetCookiesFromQueryString(string qs)
{
string armoredCookiesString = GetArmoredCookiesStringFromQueryString(qs);
if (log.IsDebugEnabled)
{
log.DebugFormat("armoredCookiesString={0}", armoredCookiesString);
}
HttpCookieCollection cookies = new HttpCookieCollection();
if (armoredCookiesString != null && armoredCookiesString.Length > 0)
{
Hashtable armoredCookies = (Hashtable)ObjectProtector.Unprotect(armoredCookiesString);
foreach (string k in armoredCookies.Keys)
{
if (log.IsDebugEnabled)
{
log.DebugFormat("armoredCookies[{0}]={1}", k, armoredCookies[k]);
}
cookies.Add(new HttpCookie(k, (string)armoredCookies[k]));
}
}
return(cookies);
}
public static void ProcessRemoteCallRequest(HttpContext context, MethodCallHandler methodCallHandler)
{
string protectedPayload = context.Request.Params["ProtectedPayload"];
object[] methodCall = (object[])ObjectProtector.Unprotect(protectedPayload);
object[] args = new object[methodCall.Length - 1];
Array.Copy(methodCall, 1, args, 0, args.Length);
object retVal = methodCallHandler((string)methodCall[0], args);
ArrayList resultsArray = new ArrayList();
resultsArray.Add(retVal);
for (int i = 0; i < args.Length; i++)
{
if (args[i] is ICopyFromObject)
{
resultsArray.Add(args[i]);
}
}
string responseBody = ObjectProtector.Protect(resultsArray.ToArray());
context.Response.ContentType = "application/octet-stream";
context.Response.Write(responseBody);
}
protected virtual void AssertSignaturesAreEqual(byte[] actualHash, byte[] expectedHash)
{
ObjectProtector.AssertSignaturesAreEqual(actualHash, expectedHash);
}
public string Protect()
{
return(ObjectProtector.Protect(Serialize, Config.Current.EncryptionKey, Config.Current.ValidationKey));
}
public void Unprotect(string secureString)
{
ObjectProtector.Unprotect(secureString, Config.Current.EncryptionKey, Config.Current.ValidationKey, Deserialize, AssertSignaturesAreEqual);
}
internal static object MakeRemoteCall(Uri uri, HttpCookieCollection httpCookies,
byte[] encryptionKey, byte[] validationKey,
string encryptionAlgorithm, string validationAlgorithm,
params object[] methodCall)
{
CookieContainer cookieContainer = new CookieContainer();
if (httpCookies != null)
{
foreach (string name in httpCookies.AllKeys)
{
string quotedCookieValue = httpCookies[name].Value;
if (quotedCookieValue == null)
{
quotedCookieValue = "";
}
else if (quotedCookieValue.IndexOfAny(new char[] { ',', ';' }) != -1)
{
quotedCookieValue = "\"" + quotedCookieValue.Replace("\"", "\\\"") + "\"";
}
try
{
cookieContainer.Add(new Cookie(name, quotedCookieValue, "/", uri.Host));
}
catch (Exception ex)
{
// We typically only need to use cookies that are used to identify the session
// so if other cookies throw exceptions, it is best to just ignore them.
if (log.IsDebugEnabled)
{
log.DebugFormat("Ignore exception thrown by CookieContainer.Add(): {0}", ex);
}
}
}
}
WebClient wc = new WebClient();
byte[] responseBytes = null;
try
{
wc.Headers.Add("Cookie", cookieContainer.GetCookieHeader(uri));
string protectedRequestPayload = ObjectProtector.Protect(methodCall, encryptionKey, validationKey, encryptionAlgorithm, validationAlgorithm);
NameValueCollection formValues = new NameValueCollection();
formValues.Add("ProtectedPayload", protectedRequestPayload);
responseBytes = wc.UploadValues(uri.ToString(), formValues);
}
catch (Exception ex)
{
log.Error(String.Format("Caught exception while making call to {0} at {1}", methodCall[0], uri),
ex);
throw;
}
finally
{
wc.Dispose();
}
string protectedResponsePayload = System.Text.Encoding.ASCII.GetString(responseBytes);
if (protectedResponsePayload != null && protectedResponsePayload.Length > 0)
{
object[] results = null;
results = (object[])ObjectProtector.Unprotect(protectedResponsePayload, encryptionKey, validationKey, encryptionAlgorithm, validationAlgorithm);
int j = 1;
for (int i = 1; i < methodCall.Length; i++)
{
ICopyFromObject copyFromObject = methodCall[i] as ICopyFromObject;
if (copyFromObject != null)
{
copyFromObject.CopyFrom(results[j++]);
}
}
return(results[0]);
}
return(null);
}
